You're going to get Hacked in 2025
Hey Addie, come here. I want to try something. Hold on. Hi Anna. This is a hacker tool. Oh my gosh, this is wild. You know what? That's so weird. She looks like a dude from a trailer park. That's Addie deep faked as you. I don't like that.
That's crazy. It's weird. You want to see Taylor Swift? Hey, do you like my songs? Yeah. Sing a song, shake it off, shake it off, shake it off, shake it off. Shake off. Is that Taylor Swift? No, it's savvy. I'm going to be honest with you. It's almost impossible to not get hacked in 2025 from DeepFakes to AI powered malware and Phish. Even the most tech savvy, careful, vigilant of us are vulnerable. So let's do something about it.
This video is A PSA. We're going to cover the top five cybersecurity threats you have to watch out for in 2025, and we're going to cover all the new stuff, emerging threats like AI powered hacking and what we can do about it, how we can protect ourselves, our family, our friends, and even our companies that we work for because they help us pay the bills. And here's my thing, I want us to become zero trust humans when it comes to technology. I'll talk more about that later. So get your coffee ready.
Let's try and not get hacked. By the way, this video would not be possible without my sponsor Bit Defender, which I didn't know this, but they fight cyber crime legit like you've seen the Avengers, right? That's them except with laptops. I'm not kidding. They even had this super elite covert cybercrime unit within their company called the Draco team. It has some strong slithering vibes,
I guess like defense against the dark arts, I don't know. And they partner with the FBI, Interpol Europol to fight. I mean, how cool would it be to spend a day with them and see what they do? Now before we get to the scary stuff, the top five first, there's some things you should already be doing. Like yes, there are emerging threats, but basic IT security hygiene should already be in place. Now I have to say this because you guys have been bad.
You know that you know who you are and Bit Defender's Consumer report talking to over 7,000 normies. 37% of you write your passwords down. Are you kidding me? 18% of you use the same password for three or more accounts and let's be honest, that's probably all your accounts, right? So for basic IT security hygiene passwords, use a password manager. I don't care which one you use, just use one. Obviously I'm a big fan of Bitdefender. Pick one. Use it and use a secure unique password for everything you log into.
Never use the same password and please, please use multifactor authentication whenever you can. That means you put in a password and then you have to do something else. Receive a text message. Use an authenticator app. Why did I say authenticator like that? Authenticator to get an OTP or a one-time passcode. Two forms always. Now let's talk about your data. You have data, pictures, documents, videos,
back it up, back it up. Put it somewhere safe. Have a copy of it. Ideally, you'll be using the 3, 2, 1 backup strategy. You'll need three copies of your data, two of those on different types of storage media and one completely offline because a lot of the threats we're going to talk about involve getting your data and locking it up. You want to have a copy of that data that's offline that can't be touched by some kind of system. Next, update your software. Stop ignoring that notification. Do it right now. Your os your applications, they're doing that for a reason.
You're either getting new features or they're patching a mistake they made and you're about to get hacked. Update as soon as you get it. In most cases, antivirus have some sort of antivirus on your computer. Again, I'm a big fan of bitdefender. They have all kinds of cool bells and whistles to keep you safe, but just have something and leave it on. We do get in the habit of turning it off to test things. Turn it back on. It only takes one moment of leaving yourself wide open to get hacked and your day is ruined. And finally, don't skip this. Stay informed. Stay up to date.
Update your brain with new software of what's going on, but hey, you're already doing it. You're watching this video. Good job. But also don't skip the other security IT hygiene things because guess what? One in four consumers have been hit by a security incident. They got hacked. That was probably you, wasn't it? You got hacked. It can happen again, it's not like getting the chicken pox. It can happen a lot. Okay, here we go. Here's our list. One through five. Five is the scariest,
but one's pretty bad too. AI powered hacking. Now they just released a pretty scary stat in their cybersecurity assessment report. 2024 out of the 1200 people they surveyed, nearly all of them, 96% are concerned about AI's impact on the threat landscape. And these are IT people. They're talking to security people, people on the front lines. Yeah, the hackers are using AI and they're pretty good at it.
Now you probably know this AI is amazing. I use it every day along with many other tech pros to do all kinds of stuff, write code like this and I automate and just do more things faster. Yeah, hackers are doing that too. One of the scariest ways of doing that is with social engineering.
Security Pros are very worried about this. Let's talk about phishing for a second. Phishing emails where an attacker will try to impersonate someone trustworthy and try to get you to do something. Give them information, give them money. Download malware. The goal is to deceive you, but it's been kind of crappy in the past.
You can usually tell a phishing email because there'd be a plethora of grammar mistakes, spelling errors, but you know what? Not anymore. With ai, with large language models or LLMs, the phishing emails are perfect because think about it. The same technology you're using to make sure your emails don't sound stupid, the hackers are doing the same thing just to try and trick you. And in case you're wondering, phishing emails are still the main way cybercrime is done.
It's most common form 3.4 billion emails a day are sent out. Email impersonation accounts for 1.2% of all email traffic globally, and you want to see something scarier. In Q1 of 2023, Darktrace reported a 135% increase in malicious email campaigns. That didn't sound stupid. That was two years ago. AI has gotten a lot better,
but it's more than just fancy writing. They're using AI to find out more about you to make it more targeted. According to mail gun, there are four pillars of AI phishing. They'll use AI to find out more information about you collecting data on your interest behaviors and preferences using a tool called worm GPT, which we'll talk more about that here in a bit. And then instead of asking you to support a Nigerian prints, they will target your specific interests or hobbies, personalizing every hacking attempt.
They can even impersonate your friends and family and copy their writing style. Like right now, I tried this today just to see what would happen. X just released grok three, which is very impressive. It's their new AI model from Elon Musk and let's see if it'll do this.
That is not how I sound, but you get the idea. Also, grok is kind of unhinged, stay caffeinated and keep it geeky. Sounds just like me. It doesn't does it. And they can scale this process and automate this process to wear their hands off and suddenly they're scamming thousands of people with personalized phishing emails. And it's not just that there's more hackers are using obfuscation techniques, which obfuscation is a fun word to say. Try it right now. Obfuscation, they're using these techniques to evade anti phishing services using natural language processors or NLP to send malware or malicious links.
They're essentially tricking the NLP that email providers use to detect if a email is bad. And that's just one of the techniques they found that 78% of discovered malicious emails use two or more obfuscation techniques and listen, that's just phishing emails. There are SMS messages or texts, chat bots, that's a whole can of worms if you're single in 2025, I'm sorry because dating app chatbot scams are prevalent. It's only been a 2080 7% increase in scammers using chatbots.
That's so nuts. Essentially they'll create fake accounts. Of course using AI automation on a massive scale and with the advances in ai, they can make it very convincing with an entire backstory. They can generate a photo that's very realistic, a unique photo that isn't any real person. It's just a person that the AI made up right now. It can maintain a conversation with you, learn about you and then take all your money. So now what's our solution? How do we fight this? Zero trust human. Don't trust anything.
When you get an email you can open it, but that's all you can do. If you see a link, don't click that link. Never click a link in an email. I don't care if it's from your bank or your grandson, your sister or your mom, always go to the source. So for example, if you get a message from Chase Bank saying, Hey, log into your account. We need you to check this. Fine. I'm not clicking that link you sent me. I'm going to go to chase bank.com,
log into my account and see if I have any messages. If I don't, then I'm good. And you know what? It's going to look real. These emails are so good. Now don't fall for it. Zero trust human. In fact,
I would only interact with emails that you are expecting. So for example, if you try to log into a website and they're like, Hey, I just sent you an email to verify your login. Cool. You initiated that. You made that happen. That's real time. Anything else, don't just don't do it.
If you get an email asking for information about you or asking you to do something that seems kind of off the wall or even just initiating a payment, doing something kind of a big deal, don't just do it off of that information, off of that email. Do another communication method outside of that like call them, text them. You initiate to confirm what they're wanting to do and that goes across the board for every type of communication. If it seems weird, which if you're a zero trust human, it all seems weird, you will initiate a call to them to verify, always verify.
You've heard the old adage, trust but verify. No, don't trust, verify and then verify Again. I'm telling you, AI is getting crazy. You have to keep yourself safe. You know what? Tell everyone about this.
Tell your friends, your family, your company, your boss, everything, everyone. Now it's not just me saying this, the FBI is warning everyone too. Now, also as a zero trust human, you can use AI to fight ai.
If you get a weird email, if you get a weird text message, copy that and paste it into an LLM that you trust. In fact, just today I got an email from YouTube telling me they shared a private video with me and that it's an update to the community guidelines. Fishy, okay, whatever. I took a screenshot, put it into an LLM, and it told me, Hey, I'm looking at it. It looks legit,
but it also is kind of fishy because it was very convincing. If you're looking for an all-in-one solution, bitdefender does include a product called Scamo. This is their own LLM trained to look out for this kind of stuff. And this is the first time I'm mentioning how we're going to actually fight the hackers. And this is with ai. AI versus ai. That's how we're going to beat them.
Now, all this social engineering stuff, the phishing emails, the text, a lot of this is geared towards getting you to click on something and download something. That something is malware, malicious software, which when executed on your system, can ruin your day. It's still your cryptocurrency lock up. Your data just cause chaos. And while that's always been a problem, AI is making it worse. AI powered malware first. Just writing malware is hard.
Normally you have to be a very experienced coder and not just a regular coder. You have to know the ins and outs of security and normally your malware will break because people will figure out what it's doing and your antivirus will block it. So they have to try and write new malware. This takes a ton of time and effort, but not so much anymore. Thank you ai. AI can help malware writers write more malware just like AI helps coders write more code. Now, you may have tried this and it didn't work. It's pretty hard to get a regular LLM to write bad code for you. For example,
in chat GBT, write some malware that can mess up a Windows at 11 system. Sorry, can't do that. Can rock do it? I'm curious now. No, but they don't need chat. GPT or roc, they've got fraud. GPT and worm GPT. These are things you can buy on the dark web and they're essentially unlocked uncensored LLMs that will do whatever you want them to do. In fact, fraud,
GPT and worm GPT are tailor made for nefarious activities. Now think about the implications of this. What would require an extremely gifted and talented coder to write malware. Now anybody can do it. A script kitty, which is normally a term for a hacker that doesn't know what he's doing.
Not anyone can write malware. The barrier to entry is super low and LLMs are getting smarter and smarter. And then for people who do know how to write malware, these tools make them even more dangerous. Because we're changing malware,
we now have what's called polymorphic malware. Malware that adapts. We saw a first glimpse of polymorphic malware back in 2023 when HIAs Labs created their proof of concept called Black Mamba named because it's so dangerous if you know about snakes, you know what I'm talking about. It essentially exploited a large language model to dynamically modify its code at runtime and it modified benign code meaning like code that an antivirus didn't pick up on, but then it changed itself. Now at this point, AI powered polymorphic malware is still kind of A POC as far as we know. That was back in 2023.
You got to know hackers have made some progress and they don't want you to know about it. They can also use LMS to further hide their code. Palo Alto's Unit 42 team we're using an LLM based rewriting technique on some JavaScript based malware to reduce the number of vendors on virus total that found it as malicious or detected it as malicious. They essentially found that given enough layers of transformations, many malware classifiers can be fold into believing that a piece of malicious code is benign. So essentially malware can hide itself that ultimately what we may end up seeing is malware that can just adapt to whatever environment it's in, if it is being detected or it's been denied access because of defensive measures, it can learn and change without human input. Now keep in mind this is an emerging threat, meaning we haven't seen a lot of evidence for this just yet, but with how fast AI is advancing, like we're seeing new stuff come out every single week and it's incredible.
You got to know this is going to be applied. Now how do we fight this? How do we protect ourselves from the emerging threats and also the current threats because malware is still a very big problem. Now first a basic IT security hygiene. We talked a bit about this at the beginning. Update your software. Most malware is trying to exploit bugs and unpatched software.
Patch your software, update it, and you should be good most of the time. Also, avoid installing things. Don't install stuff. Reduce your attack surface. Yes, you're going to need applications. Install slack, install Photoshop, install trusted apps. But don't be like my video editor Isaac, who downloaded this random third party voice generation software that no one's ever heard of. Also use advanced antivirus software.
You want to use antivirus software that you know is the latest and greatest. Always looking for the emerging threats, and that's even using machine learning and AI techniques to detect the latest stuff. Bitdefender is one of my favorites. There are others, but make sure you have something and finally, stay informed. Try to be aware of what's happening. Just pay attention,
follow Twitter account or X accounts like bleeping computer or simply ask an LLM like chat, GBT or X. Think they have all this stuff free. Now just ask it. Hey, are there any cybersecurity threats I should know about right now? Just ask it and it'll tell you. Now, all these things I've mentioned, this is what's called defense in depth, meaning you want to have multiple things you're doing to secure yourself multiple layers. It's never going to be just one thing. Now speaking of malware, let's talk about ransomware. I'm sure you've heard of it, but you've probably never heard of encryption list ransomware.
And that might sound kind of weird because how does that work? Because ransomware by Design encrypts, it's malicious software that went executed will take your data, your files and lock them up and crip them. Essentially they put it into a locked room. They are the only ones, the hackers that have the key. And if you want to unlock your data, you got to pay them some money. Cryptocurrency, what have you once paid? They normally do unlock your or they give you the code, they give you the key to unlock your data.
If you've ever been through a ransomware attack, it's the worst. It's been happening for years and it can cripple a company, even close a company down. Now, overall it's on the rise. There were 5,400 victims in 2024. Now that's organizations, not individuals. We don't really have data on individuals. But check this out,
the average ransom demand is 2.73 million. Is that right? 2.73 million the average. And what's crazy is these ransoms are often paid. Now, encryption list malware, they don't lock up your data, they borrow it, they borrow it with hopefully you not knowing about it, and then they send you a message saying, Hey, if you don't pay us some money, we're going to release this data to the public. So think if you're a healthcare provider and you have a bunch of sensitive information about your patients, they might release that data that would ruin you. Now this type of ransomware is on the rise and it kind of sucks because normally to protect yourself against ransomware along with all the other basic IT security hygiene things you might do, a key thing you'll do is back up your stuff, back up your data.
If it gets locked up, you've got to back up. No big deal. But with encryption list, your backup doesn't matter. They have your data and they're going to release it.
So think about it as a criminal, that's the safer option because companies like bitdefender, when ransomware is running rampant, they'll actually release free tools decrypt to decrypt against popular ransomware software. So as an attacker, you're like, don't want to risk that. I'm just going to take their data and make 'em give me money. I'm not going to do anything else. They can take it a step further and do double extortion or even triple extortion. What is that?
Double extortion is where they both encrypt your data and threaten to release it. Triple extortion's crazy. The more I say extortion, the weirder it sounds, they're going to encrypt your data, threaten to release it, and then also do a third thing. And this could be, this is like a variable. They're going to have fun with it. They might DDoS your company essentially sending a bunch of network packets to bring down your websites, your servers and make you your company. Just be unusable or harassing your customers or employees. And then keep in mind too, that ransomware is malware and all the AI power techniques we just talked about with malware, ransomware has that too. It's nasty. So what can we do?
How do we protect ourselves first? It's same as malware. Backing up your data is still good. Even with encryption list, you want to have a backup also as an individual. But defender does have ransomware protection.
So as part of the antivirus solution they offer take out your back with ransomware. This is why you'll want advanced antivirus software because it does anti ransomware stuff. And if you're crazy like me, you might have a centralized server in your studio from 45 drives and they have an anti-malware service that will constantly analyze for ransomware. And if it does find something, it'll take action to make sure it doesn't spread. Now this cybersecurity threat, I hate it so much because there's really not much we can do about it.
It's called supply chain attacks. And my good old buddy Starbucks is going to help me explain this. In December of 2024, so recently Starbucks got hacked, but they also themselves did not get hacked. Wait, what I told you,
supply chain stuff, it sucks. This hack disrupted Starbucks operations impacting their payroll and scheduling software affecting 11,000 stores in the us. All the employees had to keep their schedule and all their payroll information by hand, like they had to write it, but they didn't get hacked. Well then how did they get hacked? It's one of their vendors.
It's the software they used. You see their payroll software, A key supply chain provider for Starbucks, a company called Blue Yonder, they were hacked and this impacted Starbucks scheduling software. In fact, blue Yonder was a victim of a ransomware attack, a ransomware group. Yeah, there's like teams and gangs out there. They were called Termite, which I feel like they could have made a better name. Now here's the thing,
it didn't matter how secure Starbucks was, and I'm sure they have an amazing cybersecurity team and they're very secure. Didn't matter. Their vulnerability was that their vendor, a company they depend on for a service got hacked. Here's the thing, so many companies depend on other services and this is not an isolated incident. This happens all the time to all of us from the biggest companies to the individuals. Now this can come in many forms. For example, you may have a medical provider that has all of your data and they get hacked and suddenly your personal information is out in the wild or maybe a software you love and use all the time.
Do you have a software update that's got malware in it? That has happened. In fact, it happened with three CX just last year. Now I'm scrolling through this article just remembering how many of these supply chain attacks happen in 2024, I think it was dubbed the year of supply chain attacks. And it's just crazy all that happened. So in the future, what can we expect for emerging attacks? We can pretty much guess the biggest targets will be, well, the targets major AI providers. What if open AI got hacked? What if local AI got hacked? We know that Apple intelligence was just rolled out very terribly and a lot of our phones now have AI built into it.
That's very new technology ripe for being hacked. Hackers could attack our satellites, our physical internet infrastructure. They could attack a cloud like Amazon, AWS, Azure, Google Cloud, which much of our internet is being hosted on. A lot of companies have their infrastructure there. If these get hacked, that's a major disruption to our society. So how do you prevent this?
How do you protect yourself from this? Well, as an individual, it's hard because you don't have a lot of control, but a lot of security people say, and I agree with them, regular updates should be tested. Now I know this flies in the face of me telling you to always update your software as soon as you can. So as a user, read the release notes for every update, maybe put it into AI and say, is anything weird here? But for most situations, patching your stuff, which even this article says this is better than trying to play.
It's safe and not patching your stuff, but as a business test before you deploy. And then this one is what I try to model in my entire life and my business all the time, and it's diversifying, decentralizing your stuff. Don't use just one cloud provider. Don't put all your data on one hard drive,
spread your stuff out so you're not dependent on one thing. That's just good. Practice number four is going to hurt. And this is I OT the internet things. I'm a massive fan of iot. That's Smart Doorbell, the Alexa device. You have smart lights, smart oven, smart toilet, it's all amazing.
But most of the time all these devices connect to the internet, which means they're going to be vulnerable to some sort of attack. The current threats are pretty bad. The smart devices in your home could become part of a botnet. Essentially. Hackers are able to commandeer your device and combine the power of your device with thousands of other people's devices to perform DDoS attacks on companies. Hackers can steal information, they can eavesdrop on you, they can affect your stuff with malware, making it unusable. Now,
this is a big deal because on average people have about 21 IOT devices in their homes. For me that's way above that. And this is so easy to miss because often we deploy these little devices in our homes and we forget that these devices, they run software, software that needs to be updated, software that may have vulnerabilities and we just don't think about patching our toilet, right? Also, these devices normally have authentication. Most of the time we don't think about changing the username and password on an iot device. So it's left with the default credentials. Guess what?
Hackers know these default credentials and using ai, they can mass scan a ton of things and figure out, oh, there's 14 houses in Minnesota that I can get accessed on this little camera that was released because they didn't change their password. This happens all the time, and I'm talking in the context of homes. This does affect businesses as well. There are many, many iot devices that are built and used in a business environment. Now the emerging threats are just amplifying what the current threats are.
AI enhanced everything. They can more easily find your devices more easily, figure out how to get into them, and it's never been more important to make sure your iot devices are secure in your home and in your business. Okay, how do we do that? What's the solution? First thing I would do, isolate your iot devices on their own network. Now, if you're not tech savvy, that sounds kind of scary, but essentially all it means is we put all your iot devices on their own network to where they can't talk to the rest of your network. So the network where you're on your phone, the network where you're using your computer, you don't want your IOT devices talking to the rest of your network.
You want them separate. Now, how you do that depends on what kind of router and wifi situation you have. Many modern routers do offer a way to do this. Thankfully we have chat GBT that can help you out or Google a better solution than this is to use completely local iot, meaning iot that has no access to the internet.
You run all of your smart home stuff local and it doesn't need to talk to a cloud server. I did that with home Assistant. You can check out that video right around here somewhere that is a bit more technical. But if you want to have a smart home, there is no better solution. Hey, network, check from the future here.
I forgot to mention that Bitdefender does a ton of research on iot because it is pretty stink and dangerous. And they talk about things like, Hey, vulnerability is identified in LG Web os, thermostats, fire sticks, smart cams, smart locks. That's kind of terrifying. Wait, do I have one of those? I need to check this out.
So if be curious about what iot stuff is vulnerable or what a vulnerability looks like, check out bit defender's research number five is the scariest by far. It's DeepFakes security Pros are scared 36% saying it's a very significant threat. DeepFakes is where things get very scary because it's hard to detect them.
Think about this, hackers bad actors. They can steal your face, they can steal your voice, they can make you do anything. They can make you say anything. They can pretend to be you and there's not much you can do about that. And they can do that same thing to your family, to your friends, to your coworkers, to your CEO.
And what's even scarier is that it's not that hard to do. It could be as simple as having one picture of someone and just three seconds of audio of their voice and you can become them or create videos of them doing anything. And you can do it on things like your phone. There are apps like Face App, which if I get a chance to play with, I'll show it right here that can do it within moments. And then I saw a movie recently while I say recently, it was last year called Thelma. It's a great movie. You should watch it. Here's the scene here.
Essentially a sweet old grandma gets a voice fishing call, but it's her grandson's voice and it sounds very real. It incites fear and urgency and it's not just prerecorded videos. We're able to do this live now. I can become someone else. I can jump on a phone call a FaceTime call and talk to someone as someone else. And here's the thing, deep fakes used to be kind of a joke, right? Like they've been around for a while, but it was pretty easy to tell a deep fake from a real video. It was neat, but easy to tell.
Not anymore either forced to join that milia and people are falling for this stuff in droves. Here's some big ones that happen. Elon Musk, you probably saw this going around. There was a crypto fraud. In fact, I think it happened to David Bamal where his YouTube channel got hacked and they were just playing Elon Musk crypto scan videos. And this video was pretty convincing. And if you weren't intentionally trying to look for a deep fake, you might just fall for it and fall for it. People did.
One guy lost $690,000 of a savings. Another woman sent $10,000. One out of 10 people say they have received an AI cloned voice message and a stunning 77% of people fell for it. They lost money. Now, check out more of these omni human, A company from by dance, I believe created a video of Taylor Swift singing in Japanese. She doesn't know Japanese and it looks like Taylor Swift. We got David Beckham speaking a bunch of different languages. We got another Taylor Swift used in a pot scam, but not that kind of pot kitchen pots.
Jennifer Aniston was giving away free MacBooks. But just think about this. If your loved ones received a call from you and it sounded like you and you were scared and you were asking for money and you were in trouble, just something very urgent, would they fall for it? Would your mom fall for it? Would your grandma fall for it? Where'd your dad and your grandpa? Would you fall for it if your wife called you or your sibling? You see in those moments, we're not necessarily thinking about DeepFakes. We're thinking my loved one just called me and they sound like they're in trouble. That's why this is scary. Now, right now, if you're tech savvy,
you can probably with in most cases, go yeah, deep fake. Got it. But they're getting better and they're more accessible. And the tools I've demoed in this video so far are not hard to get. Most of them are free and open source and I was able to get it up and running in an afternoon. And if you couple this whole deep fake thing with social engineering campaigns where they're able to scrape massive amounts of data about you or your family, whoever all using ai, and then they can impersonate you with all that information, that's a perfect fake. They know about you. They know your hobbies,
they know your interest, and they look like you and they sound like you and they are on the rise. Just between 2022 and 2023, there's been a, what does that say? 1740% surge in North America alone. It's easy to do on a massive scale and it's getting harder and harder to spot.
Now here are some more crazy stories. British engineering giant Arup revealed as $25 million deep fake scam victim. One of their employees in Hong Kong had received a phishing email to send out a secret transaction. But like a good employee that's probably been trained on phishing technique, he's like, I don't know about that. But then a video call put all his doubts aside, it was convincing enough for him to send $25 million.
People have gotten deep fake robocalls from President Biden. This is a nightmare. This could happen to anyone. Deep fake audio of a school principal sparks death threats in Maryland. So what can we do about this? How do we protect ourselves from DeepFakes? Well, right now, there is software out there that can help us detect if a video or a call is a deep fake. There's Sens ai, Intels fake catcher, reality defender.
Microsoft has one called Microsoft's Video Authenticator resemble ai. There's a lot out there. But here's the thing, we're doing AI against ai, and as AI improves in quality, deep fakes are going to get better and better. When initial deep fakes came out, you would just tell people, yeah, just look at the eyes. The eyes look weird or the lips don't quite match the words. So the hackers would fix that. They would make the eyes blink more regularly.
They would make the lips and the mouth move regularly and they would keep fixing it and patching it. So whatever we're using now to detect if a video is a deep fake that can be fixed by a hacker to make it look more real, hopefully, and I'm optimistic about this, we stay in line with them. They don't have a massive advance and we're left behind on being able to detect. But you know what could happen? So for that, what do we do for ourselves? First, zero trust got to be a zero. Trust human. Someone calls you even if they look like your grandma and they sound like a grandma. Don't believe it. Hang up.
You call your grandma with your phone and her number. Always verify with an alternate source. There are other options like the FBI recommends that you have a safe word between you and your family, like monkey poop coffee or something. I don't know. This smells so good. Just a non statistical phrase that no one else would know except you and your family. That's a good idea. However, my family would forget or I might forget. Then you got a problem. And who's going to remember to ask that? Now,
it might be too late for this, but try to limit your digital footprint. Limit what is put out there about you. So for me, I'm done. If someone wanted to impersonate me, my face and my likeness, my voice have been duplicated millions of times. Although I will say this, I've got a beard and beards just do not work well with these AI tools yet.
So I think I'm safe for now until they master beards. I think hair is one of the hardest things to duplicate, but seriously limit what you put online. They can't copy what they don't have access to. And this goes for your likeness,
your voice, personally identifiable information about you. Limit that because it's going to get harder and harder to tell who the real you is. And that's a really scary thing to say. Now, I do have a bonus fear in the future. This is number six, I guess, and it's quantum computing essentially super powerful computers, way more powerful than what we have now and what they'll be able to do. For example, your password right now, if it's long and complex, it would be very, very, very hard to decrypt your password to figure out what it's with current computing. But a quantum computer, it could do it. So for example,
if you're on public wifi at Starbucks and you log into Facebook, that connection between you and Facebook is very secure. It's TLS. It's encrypted. Can't look at it. Now, a hacker could be in the middle and they could capture that traffic, but they wouldn't be able to unlock it and see inside of it because it's encrypted. But they could just hang onto that. And then later with constant computing, it's so powerful, they could decrypt that information and learn about you specifically, they can find out your passwords. So what do we do with that? Well always use multifactor authentication.
Doesn't matter if they get your password, they still need the extra thing. Second, change your password on the regular. If they capture your stuff one day, but you change it the next day, it doesn't matter if they have your stuff. Also, we're seeing technologies come out called quantum resistant encryption or technologies or post quantum cryptography, essentially cryptography that's secure enough. The algorithm's so intense that even quantum computers couldn't touch it for now. So if you had to make a choice between a provider and they're like, Hey,
we've got quantum cryptography, go for them. Could be good. I think in the future we're all going to be on some type of quantum cryptography or post quantum cryptography. And thanks again to Bitdefender for sponsoring this entire video. They are on the front lines of cybersecurity, fighting cybercrime, doing research and making amazing software to help keep you and your loved ones, your friends, your businesses safe. If you want that piece of mind, please check out the link below. I'm a big fan of their bitdefender premium security.
Many of the things we talked about bitdefender covers from anti-malware to crypto mining protection, email scam, copilot, password manager, VPN, and a lot more. I mean, look at all this. They are that one-stop shop to give you peace of mind. And when it comes to cybersecurity, you do need to focus on defense in depth.
I was actually listening to a podcast earlier this week about how to protect your body from getting sick from viruses, your immune system. And it's not very different from cybersecurity. They said they want to use the Swiss cheese approach, which means you think about Swiss cheese, a slice of cheese has a bunch of holes in it, but if you add another slice of Swiss cheese and then another, eventually those holes become covered. And what that illustrates is that you want to have multiple layers of security. And while you may think a cup of coffee and a keen eye is all you need to keep yourself safe, no, you want to have defenses in place like Bitdefender that have your back when maybe you're having a bad day or there are things you don't know about that come at you and they have your back. Anyways, that's the video.
I'll catch you guys next time.
2025-03-04 10:34
